EP2120175A3 - Vérification d'identité - Google Patents

Vérification d'identité Download PDF

Info

Publication number
EP2120175A3
EP2120175A3 EP09251319A EP09251319A EP2120175A3 EP 2120175 A3 EP2120175 A3 EP 2120175A3 EP 09251319 A EP09251319 A EP 09251319A EP 09251319 A EP09251319 A EP 09251319A EP 2120175 A3 EP2120175 A3 EP 2120175A3
Authority
EP
European Patent Office
Prior art keywords
pid
entity
reply
computerised system
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP09251319A
Other languages
German (de)
English (en)
Other versions
EP2120175A2 (fr
Inventor
Robert W.W. Burden
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of EP2120175A2 publication Critical patent/EP2120175A2/fr
Publication of EP2120175A3 publication Critical patent/EP2120175A3/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
EP09251319A 2008-05-14 2009-05-14 Vérification d'identité Withdrawn EP2120175A3 (fr)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GBGB0808752.0A GB0808752D0 (en) 2008-05-14 2008-05-14 Identity verification

Publications (2)

Publication Number Publication Date
EP2120175A2 EP2120175A2 (fr) 2009-11-18
EP2120175A3 true EP2120175A3 (fr) 2010-02-17

Family

ID=39571332

Family Applications (1)

Application Number Title Priority Date Filing Date
EP09251319A Withdrawn EP2120175A3 (fr) 2008-05-14 2009-05-14 Vérification d'identité

Country Status (3)

Country Link
US (1) US20090287937A1 (fr)
EP (1) EP2120175A3 (fr)
GB (1) GB0808752D0 (fr)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100153278A1 (en) * 2008-12-16 2010-06-17 Farsedakis Lewis E Web sites that introduce a seller to a universe of buyers, web sites that receive a buyer's listing of what he wants to buy, other introduction web sites, systems using introduction web sites and internet-based introductions
FR2966667B1 (fr) * 2010-10-20 2012-11-16 Atos Worldline Procede et systeme d'authentification
US8359631B2 (en) 2010-12-08 2013-01-22 Lewis Farsedakis Portable identity rating
US8464358B2 (en) 2010-12-08 2013-06-11 Lewis Farsedakis Portable identity rating
EP2475144A1 (fr) * 2011-01-05 2012-07-11 Gemalto SA Procédé pour communiquer entre un serveur et un client et système, serveur et client correspondants
CN103873455B (zh) * 2012-12-18 2019-05-17 阿里巴巴集团控股有限公司 一种信息校验的方法及装置
US9374369B2 (en) * 2012-12-28 2016-06-21 Lookout, Inc. Multi-factor authentication and comprehensive login system for client-server networks
US10250579B2 (en) * 2013-08-13 2019-04-02 Alcatel Lucent Secure file transfers within network-based storage
EP2937806A1 (fr) * 2014-04-22 2015-10-28 ALSTOM Renewable Technologies Procédé et système pour sécuriser un échange de données électroniques entre un dispositif programmable industriel et un dispositif programmable portable
CN105844815B (zh) * 2014-10-29 2018-11-16 罗军 一种atm机的取现控制方法
CN112995015B (zh) * 2019-12-17 2022-07-05 腾讯科技(深圳)有限公司 消息发送方法、装置、终端及存储介质

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1996000485A2 (fr) * 1994-06-24 1996-01-04 Telefonaktiebolaget Lm Ericsson Procede et appareil d'authentification d'un utilisateur
US20030055738A1 (en) * 2001-04-04 2003-03-20 Microcell I5 Inc. Method and system for effecting an electronic transaction
WO2006075917A2 (fr) * 2005-01-11 2006-07-20 Encap As Procede de production de code de securite et ses procedes d'utilisation, et dispositif programmable correspondant

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030177364A1 (en) * 2002-03-15 2003-09-18 Walsh Robert E. Method for authenticating users
JP4311174B2 (ja) * 2003-11-21 2009-08-12 日本電気株式会社 認証方法、移動体無線通信システム、移動端末、認証側装置、認証サーバ、認証代理スイッチ及びプログラム
JP2005284437A (ja) * 2004-03-29 2005-10-13 Hitachi Ltd ストレージ装置
EP1743447B1 (fr) * 2004-05-04 2009-03-25 Research In Motion Limited Systeme et procede de reponse d'identification
JP2008181295A (ja) * 2007-01-24 2008-08-07 Sony Corp 認証システム、情報処理装置および方法、プログラム、並びに記録媒体
EP1976322A1 (fr) * 2007-03-27 2008-10-01 British Telecommunications Public Limited Company Procédé d'authentification

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1996000485A2 (fr) * 1994-06-24 1996-01-04 Telefonaktiebolaget Lm Ericsson Procede et appareil d'authentification d'un utilisateur
US20030055738A1 (en) * 2001-04-04 2003-03-20 Microcell I5 Inc. Method and system for effecting an electronic transaction
WO2006075917A2 (fr) * 2005-01-11 2006-07-20 Encap As Procede de production de code de securite et ses procedes d'utilisation, et dispositif programmable correspondant

Also Published As

Publication number Publication date
EP2120175A2 (fr) 2009-11-18
GB0808752D0 (en) 2008-06-18
US20090287937A1 (en) 2009-11-19

Similar Documents

Publication Publication Date Title
EP2120175A3 (fr) Vérification d'identité
WO2008127431A3 (fr) Systèmes et procédés d'identification et d'authentification d'un utilisateur
GB201015212D0 (en) Online user authentication
WO2008095011A3 (fr) Procédés et systèmes pour authentification d'un utilisateur
EP1927934A3 (fr) Procédé de stockage sécurisé de paramètres biométriques dans une base de données
WO2010121137A3 (fr) Serveur d'inscription
WO2008041980A3 (fr) Procédés et appareil d'authentification de serveur mandataire
WO2007013904A3 (fr) Systeme d'authentification a jeton unique et facteurs multiples, et procede associe
HK1133316A1 (en) A digital authentication device for product id and its testing device thereof, product using the digital device and the anti-counterfeiting testing method used therefore
JP2009503661A5 (fr)
EP1710980A3 (fr) Services d'authentification avec un appareil mobile
HK1069231A1 (en) Three way validation and authentication of boot files transmitted from server to client
WO2013002903A3 (fr) Système et procédé pour soumettre un utilisateur à un système sécurisé de vérification biométrique
WO2006015145A3 (fr) Procedes et appareil pour l'authentification de dispositifs rfid
WO2010126509A3 (fr) Systèmes et procédés pour paiement mobile rendu aléatoire
ATE527797T1 (de) Verfahren und einrichtungen zur benutzerauthentifikation
WO2005086810A3 (fr) Appareil et procede pour systeme de gestion de base de donnees biometrique
WO2008146667A1 (fr) Système d'authentification anonyme et procédé d'authentification anonyme
WO2007103935A3 (fr) Méthode, système, et appareil pour accès sécurisé/authentification imbriqués
WO2007127188A3 (fr) Dispositif portable et procedes pour effectuer des transactions securisees
WO2010011067A3 (fr) Appareil et procédé pour inter-opération entre services de réalité virtuelle
EP2538367A3 (fr) Appareil de traitement d'image, procédé de contrôle, programme pour appareil de traitement d'image et support de stockage stockant le programme
WO2004092864A3 (fr) Systeme d'authentification d'appareil, appareil serveur et appareil client
EP2080475A3 (fr) Dispositif de gestion de l'état de santé et système de gestion de l'état de santé
MX2023003553A (es) Autenticación de identidad basada en biometría.

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK TR

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA RS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20100818